dlp, phishing, tech support scamsphishing+tech...2018/11/19 · by msft partner ecosystem with...
TRANSCRIPT
Microsoft Finland
Microsoft in Finland
is a strong
millennial, born
1992
2+ million active
users in Microsoft
Office 365 cloud
2,000+ partners
generating 8 $
revenue per each $
by MSFT
Partner ecosystem
with 40,000 tech
jobs in Finland
1,600 start-ups
directly supported
by Microsoft
Close to 90% of the
students in Finland
using Office 365
51% of major
Finnish companies
using the cloud
The digital estate is growing
The cybersecurity landscape is rapidly changing
Cyberspace is the new battlefield
Virtually anything can be attacked
Security skills are in short supply
Infrastructure as a Service
Platform as a Service
Internet of Things 1st class mobile experience
Cloud Technology
SaaS adoption
Perimeter of a Modern Enterprise
Onlinebackup
SaaS apps
Cloud storage
Mobile devices
On-premises
Q: WHERE IS YOUR DATA?
A: EVERYWHERE
Devices: fixed
and mobile
SaaS apps &
file shares
On-premises
file shares
88 %of organizations no longer have confidence to detect and prevent loss of sensitive data
of employees use non-approved SaaS apps at work80 %
85 %of enterprise organizations keep sensitive information in the cloud
58 %have accidentally sent sensitive information to the wrong person
Onlinebackup
SaaS apps
Cloud storage
Mobile devices
On-premises
The challenge of securing your environment
The digital estate offers a very broad surface area that is difficult to
secure.
Bad actors are using increasingly creative and sophisticated
attacks.
Integrated, intelligent correlation and action on signals is difficult, time-
consuming, and expensive.
Increasingly Hostile Environment• Increased attack surface with new technologies creates new blind spots
• Attacks rising in volume and sophistication to capture illicit opportunities
Enterprise IT is Cloud Hybrid• Cloud adoption is inevitable (Digital Transformation + industry momentum)
• Legacy systems will take years to migrate or retire
Technology Mobility and Volume is Exploding• Increasing demand for first class experience on mobile devices
• Variance in trustworthiness of mobile devices
Pervasive Digital Transformation and IoT• IoT adoption driving a wave of app development and cloud usage
• Enterprise PC Security strategies applies poorly to IoT devices
IoT
Enable Seamless and secure identity and access for employees,
partners and customers
Protect sensitive data –wherever it lives or travels.
Protect, detect and remediate against threats
across the modern workplace.
Streamline management with built-in intelligence and recommendations.
Microsoft Security
Identities Endpoints User Data Cloud Apps Infrastructure
Users and admins Devices and sensors Email messages and documents
SaaS applications and data stores
Servers, virtual machines, databases,
networks
Intelligent Security Graph 6.5 TRILLION signals per day
Holistic view on security…
200+ global cloud consumer
and commercial services
400 billione-mails analyzed
1.2 billion devices scanned by Windows Defender
450 billionauthentications
18+ billion web pages scanned by Bing
The Microsoft Intelligent Security Graph
…provides new insights
Intelligence
Insights across
Clients and Services
The Microsoft Intelligent Security Graph
1.2 billion devices
scanned by
Windows Defender
200+ global cloud
consumer and commercial
services
450 billion
authentications
400 billion e-mails
analyzed
18+ billion web
pages scanned by Bing
Information Protection Trends
Microsoft Security Philosophy
Fileshare & USB stick Sprawl
SharePoint & Email/Mobile Sprawl
Cloud & Shadow IT Sprawl
Access Controls
+ Encryption + Rights Management
+ Full Lifecycle Protection
(Auto Classification, SaaS)
?
?
LabelDiscover Classify
Sensitivity Retention
→ Encryption
→ Restrict Access
→ Watermark
→ Header/Footer
→ Retention
→ Deletion
→ Records Management
→ Archiving
→ Sensitive data discovery
→ Data at risk
→ Policy violations
→ Policy recommendations
→ Proactive alerts
Comprehensive policies to protect and govern your most important data – throughout its lifecycle
• Unified approach to discover, classify & label
• Automatically apply policy-based actions
• Proactive monitoring to identify risks
• Broad coverage across locations
Apply label
Unified approach
Monitor
If an attacker sends an email
to 100 people in your
company…
…23 people will open it… …11 people will open the
attachment…
…and six will do it in the
first hour.
https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-2018-en.pdf
https://enterprise.verizon.com/resources/reports/dbir/
92.4% of malware is delivered via email.
https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-2018-en.pdf
Fake invoices are the #1 disguise for distributing malware.
Phishing email statistics from Office 365 from January 2018 to September 2018
Rich signal across M365
Rich client & Service Integration
Artificial Intelligence
Tech Support: Remote Access Go to www.teamviewer.com
ACCESS
GRANTEDDATA
COMPROMISED
https://www.ic3.gov/media/2018/180328.aspx
https://cloudblogs.microsoft.com/microsoftsecure/2018/04/20/teamin
g-up-in-the-war-on-tech-support-scams/
Tech Support Scams – Scope of the problem2 out of 3 people have experienced a tech support scam in the last year.
1 in 5 consumers surveyed continued with a potential fraudulent interactions;
meaning they downloaded software, visited a scam website, gave the fraudsters remote
access to their device, or provided credit card information or other form of payment.
Nearly 1 in 10 have lost money to a tech support scam.
Of those who continued with a fraudulent interaction, 17% of them were older than 55, while 34%
were between the ages of 36 and 54.
50% of those who continued were millennials,
between the ages of 18 and 34.
Source: Ipsos, Global Market Research, commissioned by Microsoft, July 2016.
Protect yourself from tech support scams
• Microsoft does not send unsolicited email messages or make unsolicited phone calls to request for personal or financial information, or fix your computer.
• Microsoft will never proactively reach out to you to provide unsolicited PC or technical support → Any communication we have with you must be initiated by you.
• Don’t call the number in pop-ups → Microsoft’s error and warning messages never include a phone number.
• Report it
• www.microsoft.com/reportascam
Jatketaan keskustelua…
Mikko ViitailaTeknologiajohtaja, National Technology Officer (NTO)Microsoft Oy
@mikkoviitaila
www.linkedin.com/in/viitaila
+358 40 8098757